ok so after 5 months I came back to HTB, did 7 boxes in 4 days :) yeah they are all the easy ones and 2 mediums… so for someone with 20+ years of experience hacking (and 10-15 in infosec) it is really expected. Nonetheless, hoping for more people to join me; we meet in VR Mozilla Hubs.

  • Ephera
    4 years ago

    I once did an internship at a security company (so I’m like a real expert, watch out), and yeah, the use of Burp Suite and some of the automated vulnerability scanners really annoyed me.

    Sure, I get why their functionality is useful, but I also wouldn’t trust them in my infrastructure, especially since they’re designed to touch a lot of your infrastructure and be invasive. Like, would you notice if, during automated scanning, it installed malware on some machines?

    Are there tools you use as a “drop-in” for some of the Burp Suite features?

    • noflags no borders
      4 years ago

      they all use https://www.zaproxy.org/, which is much better than Burp but also needs a brain to use, and coding/scripting to really make it better, not just the same. Like most hacker tools made by actual hackers, they allow for a lot of customization, and most important, they are libre/open, to keep the hacker culture ethics of collaboration and keeping the information free/libre.